Petya/NotPetya: The Latest Global Ransomware Attack

Petya/NotPetya: What You Need to Know About the Latest Global Ransomware Attack

At Fully Managed, we take ransomware very seriously. And while we do everything we can to proactively protect our clients from such attacks, we know that education is key to prevention and believe that knowledge is power.

What Happened?

A large-scale ransomware attack has been hitting Europe and India, and it is predicted to spread across the globe in the coming days.

What is ransomware? What is Petya/NotPetya?

Ransomware is a type of virus that encrypts all files on a computer making them inaccessible. Payment is then demanded within hours to decrypt the files before they are lost forever.

This latest ransomware is part of the Petya (or Petrwrap) family, referred to as either Petya or NotPetya. It is expected that Petya/NotPetya will have a larger impact than previous ransomware attacks because, instead of only locking certain files, Petya/NotPetya will lock the entire disk, making the system inaccessible.

How does Petya/NotPetya infect computers?

Like previous ransomware, the virus initially arrives via email, asking the user to click a link to download something seemingly harmless, when in fact it is the virus.

Once the virus is downloaded, it begins to cause damage immediately. First, it encrypts local files, then it searches for network files that it can gain access to. The virus will attempt to encrypt files and data there too. After the encryption is complete, the virus reboots the computer and displays the ransom demand.

How can YOU protect against ransomware?

Share this information with your organization, and ask employees to be extra vigilant about what emails they open – ESPECIALLY when it comes to clicking links within an email.

Do NOT open any emails if you do not RECOGNIZE the SENDER. Unless you are totally sure of the sender of an email, do not open attachments or click on links.

Even if you recognize the sender, if the content seems out of the norm, use common sense – DO NOT CLICK ON IT. Confirm with the sender that they did send the email or SKYPE message.

Remove any unnecessary file shares, and limit necessary file shares to the minimum number of people necessary. This will reduce the attack vector should a virus get within your network.

Check all computers to ensure they are covered by security software.

How does FULLY MANAGED help protect our clients against Petya/NotPetya?

We install and maintain enterprise-level security endpoint solutions on all devices. By leveraging the power of artificial intelligence, algorithmic science, and machine learning, we can better predict known and unknown attacks.

We ensure the appropriate Microsoft patches are up to date on all computers and servers. Most importantly, the critical patch issued by Microsoft on 14 March 2017 to remove underlying vulnerabilities for supported systems.

We have a disaster recovery plan in place if, by some chance, ransomware does infect an infrastructure, and we provide immediate remediation support.